Internal Threat Is as Dangerous as External Threat

“The most dangerous enemies are those who are close to us”

Many companies and organizations forget that threats come not only from outside but also from inside. Sad but true, this ignorance is found not only in small companies but also in big ones. Often, internal threats are neither prosecuted nor reported, for many reasons: lack of evidence or concern, brand image protection, and many more.

Internal threats may come from former and current employees, partners, contractors, and other parties who have legitimate access to our network systems. According to the 2014 US State of Cybercrime Survey, 32% of the cyber crimes that happened in 2013 were caused by insiders. 82% of these incidents involved the exposure or loss of confidential information. Again, the saddest thing is that most cases were not reported.

Apart from the high rate of unreported events, insider threats have occurred in many business sectors, from financial services to government departments.

Although it varies from case to case, IT or system sabotage is usually conducted by former employees, while fraud is usually committed by current staff. Theft of intellectual property, on the other hand, usually happens within 30 to 90 days of an individual’s resignation.

In addition to planned crimes, it is not rare for staff to accidentally leak confidential information they hold, giving attackers an opportunity to steal data and other important information they want. For a company, it is important to keep track of the behavior of its staff, including the types of devices they use, how they use their online devices, how they handle documents, and more. Having a big picture of how our staff behave helps in creating policy and avoiding data breaches.

Understanding this situation, every company needs to check its internal conditions on a routine basis. This applies both to infrastructure and networking systems and to the staff's security awareness.

Training staff in cyber security, for example, is one good way to improve staff awareness and concern. On the other side, internal penetration testing, where testers try to “hack” the system when they already have credential information, is one of the best ways to know how vulnerable our system is.

Just remember never to underestimate internal threats, as they have proven to be as dangerous as external threats. As the consequences of the two are equally bad for our organizations, they deserve equal attention.